CAREERS

Pages

Mobile Biometrics: The Next Phase of Enterprise Authentication?

Smartphones and tablets equipped with fingerprint readers or other biometric hardware have the potential to drive greater adoption of biometric authentication in the enterprise—if we can get the hardware, software and business processes right.

Should these kinks be ironed out, it's up to enterprises to figure out how to use these built-in capabilities within their IT infrastructure. The use cases are there, says Shivesh Vishwanathan, senior mobility solutions architect at Persistent Systems, a mobile ad-hoc networking company that works in the government space. The most obvious use of built-in biometrics capability would be to require the user to unlock the screen and also to access sensitive data contained within the device, and within network resources accessed by the device.

"Users play different roles in different settings, and we can expect to see that users will want their mobile devices to represent their different identities in a cleanly separated manner," says Vishwanathan. "Biometrics will become a key way to validate these identities."

For example, he says, in a BYOD situation, companies may have their enterprise environment and data segregated on a personal device through separate on-device container that can only be accessed through something like a fingerprint swipe.

But the potential for mobile biometrics in the enterprise reaches beyond providing a way to authenticate on-device security. It could end up being a tool that addresses the pesky issue of insecure passwords safeguarding extremely sensitive transactions or network resources. While organizations can use tokens such as RSA's SecurID to provide a second factor for authentication, tokens are sometimes criticized for their inconvenience. If a user is already carrying a phone or tablet, it makes sense to leverage that device.

Once phones come equipped with biometrics capabilities, the additional assurance comes from the user's unique body properties. Even if the crook stole the device and the password, they wouldn't be able to provide the user's fingerprint or retina pattern to log in to a mobile app or network resource.

Mobile biometrics could potentially even be blended into a federated identity scheme that would control physical access to buildings, says Justin Strong, senior global product marketing manager for Novell.

"On a mobile device, this could probably extend well past simply authenticating access to one's email or other information on the device itself, and evolve into a commonly accepted method for authenticating access to other things as well," says Strong. "Imagine using your smartphone to authenticate who you are, then open the door to your office."

Biometrics has long been hailed as a promising mode of second-factor of authentication in addition to username and password. But its adoption has largely been held back by the cost of biometric hardware. If that hardware comes integrated with popular mobile devices, biometric authentication may become commonplace.